This Computer System Protects Itself Against Physical Intrusion by Monitoring Internal Radio Signals

Researchers at the Ruhr-Universität Bochum and the Max Planck Institute for Security and Privacy, working with PHYSEC GmbH, have come up with a way to defend computing systems against physical attack — by listening out for intrusions via Anti-Tamper Radio (ATR).

“Typically, [physical intrusion detection] is done with a type of foil with thin wires in which the hardware component is wrapped," says Paul Staat, first author on the paper describing the radio-based approach. "If the foil is damaged, an alarm is triggered."

A physical mesh, however, has its limitations — not least being hard to manufacture, expensive, and potentially unreliable for system-wide security with only smaller components suitable for protection in this manner. Thus a desire to find an alternative approach, which in this case uses radio waves in place of a physical conductive mesh — using two antennas, connected to a transmitter and a receiver respectively.

The signal from the transmitter propagates through the housing to be protected, bouncing, reflecting, and being absorbed to create a unique blend of frequencies and signal strengths at the receiver. If there's a physical change, so too does the signal shift - providing an early warning that something is amiss.

To prove the concept, the team installed the system in a typical computer case. As the screws holding the housing together were loosened, the signal shift — and when holes were drilled into the case to allow probe needles to be inserted without removing the outer shell at all, the system proved capable of detecting a needle just 0.3mm thick at any position and as thin as 0.1mm in selected positions.

"Fundamentally, there’s nothing standing in the way of a broad application of this technology. It is suitable for both high-security applications and everyday problems," claims Christian Zenger, founder and chief executive of IT firm PHYSEC — which already deploys a similar system for commercial use. "There are plenty of other technical systems that need to be protected not only from remote cyberattacks but also from hardware manipulation. Examples include control units in cars, electricity meters, medical devices, satellites, and service robots."

The researchers even found that the ATR system can be implemented using low-cost radio hardware in addition to the highly-sensitive lab systems used for experimentation, albeit with a reduction in detection performance. Further work is needed, however, in preventing false detection as a result of shifting environmental conditions like temperature and humidity. "We hope to tackle such problems in the future with the help of machine learning," says co-author Johannes Tobisch.

The team's work has been published under closed-access terms in the Proceedings of the 2022 IEEE Symposium on Security and Privacy; additional information is available from the Ruhr-Universität Bochum.